Re: tcpdump question

From: Agus <agus.262@xxxxxxxxx>
Date: Fri, 29 Aug 2008 23:04:40 -0300

2008/8/29 Olivier Nicole <on@xxxxxxxxxxxx>:

Edward,

I want to know what's meaning of 'S','.','P','F'?

You should learn a bit about TCP protocol.

S is for SYN (synchronize)
P is for PUSH
F is for FIN
. is for nothing

Pakets are:

3 way hand shake initiate TCP connection
client > server SYN
sever > client SYN ACK
client > server ACK

client > server send data
server > client ACK and send data
client > server ACK

tTermination
client > server FIN
server > client ACK
server > cient FIN
client > server ACK

ACk means acknowledge.

Olivier
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"

Hi,

Not too much to add...exept that yes..you need to have a look at
TCP/IP to understand what those flags and packets mean....

The SYN flag is used to initiate a "conversation"...like they
put..synchronize, is also the first part of the three way handshacke
which is the complete negotation for the transmission to begin...you
will see sequence and acck numbers also...

Then the PUSH flag is to push data..so it probably means that that
packet is for the app layer..or something similar...

Then the FIN which is the polite way to finish the conversation....see
taht it usses 4 ways instead of the three to establish...that is cause
FIN probably consumes ACKs while SYN and ACKs doesnt.
Theres also another flag to end the communication that is the R -
RESET- Usually sent back to app trying to talk to other's box with
close port..

Very highly recommende the TCP Illustrated Vol 1 by Richard Stevens...

Sorry if i missed or probably have something wrong...

Cheers,
Agustin
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"

References:
- tcpdump question
  - From: EdwardKing
- Re: tcpdump question
  - From: Olivier Nicole

Prev by Date: Re: BIND DNS Patching on 6.1, 6.2
Next by Date: RE: mysql-server-5.1.22 system administration docsonFreeBSD7.0-RELEASE-i386 ?
Previous by thread: Re: tcpdump question
Next by thread: jmicron based usb drive
Index(es):
- Date
- Thread

Relevant Pages

Re: UDP server scalability question
... why are you setting up an ACK on UDP? ... If this is all the server does, spawning multiple threads will most likely ... Unless the ACK is giving data (what the client should ...
(microsoft.public.dotnet.framework)
Re: Is Wininet the only choice for FTP?
... if I try to transfer 150 MB file then the file on the local disk gets pretty close to 150MB and then FtpGetFile() returns false. ... client responds with ACK ... server sends ACK ...
(microsoft.public.win32.programmer.networks)
Re: Network performance
... > so I wrote a server and a client using socket. ... * That what you're measuring is overhead - and most likely of setup. ... * Server -> SYN ACK ...
(comp.lang.python)
Re: 8.0-RC1 NFS client timeout issue
... This is with FreeBSD/amd64 8.0-RC1 as client. ... The server decides, for whatever reason, to terminate the ... connection and sends a FIN. ... but I think it is technically allowed by TCP. ...
(freebsd-current)
Re: 8.0-RC1 NFS client timeout issue
... This is with FreeBSD/amd64 8.0-RC1 as client. ... The server decides, for whatever reason, to terminate the ... connection and sends a FIN. ... but I think it is technically allowed by TCP. ...
(freebsd-stable)